VSI's Security Testing and Monitoring solution can be used to analyze custom web applications on your network to understand existing weaknesses and even monitor them in real-time.
Custom web applications usually consist of a web server, an application server and some sort of back-end database. The complete "stack" of this solution can be audited by VSI.
Vulnerabilities and missing patches in the underlying operating system can be identified with VSI credentialed scans.
Configuration audits of the underlying operating system can identify system security settings that need to be enabled to make it more difficult for an attacker to compromise a system completely. VSI can perform audits of Windows and Unix operating systems with a wide variety of security checklists.
Vulnerabilities and configurations of the underlying web server can also be audited. VSI includes audits for many popular web servers such as Apache and IIS. Hardening these applications can make it more difficult to exploit an application.
Hardening of the underlying web programming language can also limit exposure to SQL injection and other web errors. For example, VSI includes the ability to audit PHP configurations against OWASP standards.
Web applications that rely on SQL databases for their data can also be hardened. VSI includes SQL auditing policies based on DISA and CIS standards that make obtaining data much harder for attackers attempting to compromise customer web applications.